.\" Man page generated from reStructuredText.
.
.TH "KNIFE-SSH" "1" "Chef 12.0" "" "knife ssh"
.SH NAME
knife-ssh \- The man page for the knife ssh subcommand.
.
.nr rst2man-indent-level 0
.
.de1 rstReportMargin
\\$1 \\n[an-margin]
level \\n[rst2man-indent-level]
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
-
\\n[rst2man-indent0]
\\n[rst2man-indent1]
\\n[rst2man-indent2]
..
.de1 INDENT
.\" .rstReportMargin pre:
. RS \\$1
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
. nr rst2man-indent-level +1
.\" .rstReportMargin post:
..
.de UNINDENT
. RE
.\" indent \\n[an-margin]
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
.nr rst2man-indent-level -1
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
.sp
The \fBknife ssh\fP subcommand is used to invoke SSH commands (in parallel) on a subset of nodes within an organization, based on the results of a \fI\%search query\fP made to the Chef server\&.
.sp
\fBSyntax\fP
.sp
This subcommand has the following syntax:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
$ knife ssh SEARCH_QUERY SSH_COMMAND (options)
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
\fBOptions\fP
.sp
This subcommand has the following options:
.INDENT 0.0
.TP
.B \fB\-a SSH_ATTR\fP, \fB\-\-attribute SSH_ATTR\fP
The attribute that is used when opening the SSH connection. The default attribute is the FQDN of the host. Other possible values include a public IP address, a private IP address, or a hostname.
.TP
.B \fB\-A\fP, \fB\-\-forward\-agent\fP
Use to enable SSH agent forwarding.
.TP
.B \fB\-c CONFIG_FILE\fP, \fB\-\-config CONFIG_FILE\fP
The configuration file to use.
.TP
.B \fB\-C NUM\fP, \fB\-\-concurrency NUM\fP
The number of allowed concurrent connections.
.TP
.B \fB\-\-chef\-zero\-port PORT\fP
The port on which chef\-zero will listen.
.TP
.B \fB\-\-[no\-]color\fP
Use to view colored output.
.TP
.B \fB\-d\fP, \fB\-\-disable\-editing\fP
Use to prevent the $EDITOR from being opened and to accept data as\-is.
.TP
.B \fB\-\-defaults\fP
Use to have knife use the default value instead of asking a user to provide one.
.TP
.B \fB\-e EDITOR\fP, \fB\-\-editor EDITOR\fP
The $EDITOR that is used for all interactive commands.
.TP
.B \fB\-E ENVIRONMENT\fP, \fB\-\-environment ENVIRONMENT\fP
The name of the environment. When this option is added to a command, the command will run only against the named environment.
.TP
.B \fB\-F FORMAT\fP, \fB\-\-format FORMAT\fP
The output format: \fBsummary\fP (default), \fBtext\fP, \fBjson\fP, \fByaml\fP, and \fBpp\fP\&.
.TP
.B \fB\-G GATEWAY\fP, \fB\-\-ssh\-gateway GATEWAY\fP
The SSH tunnel or gateway that is used to run a bootstrap action on a machine that is not accessible from the workstation.
.TP
.B \fB\-h\fP, \fB\-\-help\fP
Shows help for the command.
.TP
.B \fB\-i IDENTITY_FILE\fP, \fB\-\-identity\-file IDENTIFY_FILE\fP
The SSH identity file used for authentication. Key\-based authentication is recommended.
.TP
.B \fB\-k KEY\fP, \fB\-\-key KEY\fP
The private key that knife will use to sign requests made by the API client to the Chef server\&.
.TP
.B \fB\-m\fP, \fB\-\-manual\-list\fP
Use to define a search query as a space\-separated list of servers. If there is more than one item in the list, put quotes around the entire list. For example: \fB\-\-manual\-list "server01 server 02 server 03"\fP
.TP
.B \fB\-\-[no\-]host\-key\-verify\fP
Use \fB\-\-no\-host\-key\-verify\fP to disable host key verification. Default setting: \fB\-\-host\-key\-verify\fP\&.
.TP
.B \fBOTHER\fP
The shell type. Possible values: \fBinteractive\fP, \fBscreen\fP, \fBtmux\fP, \fBmacterm\fP, or \fBcssh\fP\&. (\fBcsshx\fP is deprecated in favor of \fBcssh\fP\&.)
.TP
.B \fB\-p PORT\fP, \fB\-\-ssh\-port PORT\fP
The SSH port.
.TP
.B \fB\-P PASSWORD\fP, \fB\-\-ssh\-password PASSWORD\fP
The SSH password. This can be used to pass the password directly on the command line. If this option is not specified (and a password is required) knife will prompt for the password.
.TP
.B \fB\-\-print\-after\fP
Use to show data after a destructive operation.
.TP
.B \fB\-s URL\fP, \fB\-\-server\-url URL\fP
The URL for the Chef server\&.
.TP
.B \fBSEARCH_QUERY\fP
The search query used to return a list of servers to be accessed using SSH and the specified \fBSSH_COMMAND\fP\&. This option uses the same syntax as the search sub\-command.
.TP
.B \fBSSH_COMMAND\fP
The command that will be run against the results of a search query.
.TP
.B \fB\-u USER\fP, \fB\-\-user USER\fP
The user name used by knife to sign requests made by the API client to the Chef server\&. Authentication will fail if the user name does not match the private key.
.TP
.B \fB\-v\fP, \fB\-\-version\fP
The version of the chef\-client\&.
.TP
.B \fB\-V\fP, \fB\-\-verbose\fP
Set for more verbose outputs. Use \fB\-VV\fP for maximum verbosity.
.TP
.B \fB\-x USER_NAME\fP, \fB\-\-ssh\-user USER_NAME\fP
The SSH user name.
.TP
.B \fB\-y\fP, \fB\-\-yes\fP
Use to respond to all confirmation prompts with "Yes". knife will not ask for confirmation.
.TP
.B \fB\-z\fP, \fB\-\-local\-mode\fP
Use to run the chef\-client in local mode. This allows all commands that work against the Chef server to also work against the local chef\-repo\&.
.UNINDENT
.sp
\fBExamples\fP
.sp
To find the uptime of all of web servers running Ubuntu on the Amazon EC2 platform, enter:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
$ knife ssh "role:web" "uptime" \-x ubuntu \-a ec2.public_hostname
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
to return something like:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
ec2\-174\-129\-127\-206.compute\-1.amazonaws.com  13:50:47 up 1 day, 23:26,  1 user,  load average: 0.25, 0.18, 0.11
ec2\-67\-202\-63\-102.compute\-1.amazonaws.com    13:50:47 up 1 day, 23:33,  1 user,  load average: 0.12, 0.13, 0.10
ec2\-184\-73\-9\-250.compute\-1.amazonaws.com     13:50:48 up 16:45,  1 user,  load average: 0.30, 0.22, 0.13
ec2\-75\-101\-240\-230.compute\-1.amazonaws.com   13:50:48 up 1 day, 22:59,  1 user,  load average: 0.24, 0.17, 0.11
ec2\-184\-73\-60\-141.compute\-1.amazonaws.com    13:50:48 up 1 day, 23:30,  1 user,  load average: 0.32, 0.17, 0.15
.ft P
.fi
.UNINDENT
.UNINDENT
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
$ knife ssh \(aqname:*\(aq \(aqsudo chef\-client\(aq
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
To force a chef\-client run on all of the web servers running Ubuntu on the Amazon EC2 platform, enter:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
$ knife ssh "role:web" "sudo chef\-client" \-x ubuntu \-a ec2.public_hostname
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
to return something like:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
ec2\-67\-202\-63\-102.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:37 +0000] INFO: Starting Chef Run (Version 0.9.10)
ec2\-174\-129\-127\-206.compute\-1.amazonaws.com [Fri, 22 Oct 2010 14:18:37 +0000] INFO: Starting Chef Run (Version 0.9.10)
ec2\-184\-73\-9\-250.compute\-1.amazonaws.com    [Fri, 22 Oct 2010 14:18:38 +0000] INFO: Starting Chef Run (Version 0.9.10)
ec2\-75\-101\-240\-230.compute\-1.amazonaws.com  [Fri, 22 Oct 2010 14:18:38 +0000] INFO: Starting Chef Run (Version 0.9.10)
ec2\-184\-73\-60\-141.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:38 +0000] INFO: Starting Chef Run (Version 0.9.10)
ec2\-174\-129\-127\-206.compute\-1.amazonaws.com [Fri, 22 Oct 2010 14:18:39 +0000] INFO: Chef Run complete in 1.419243 seconds
ec2\-174\-129\-127\-206.compute\-1.amazonaws.com [Fri, 22 Oct 2010 14:18:39 +0000] INFO: cleaning the checksum cache
ec2\-174\-129\-127\-206.compute\-1.amazonaws.com [Fri, 22 Oct 2010 14:18:39 +0000] INFO: Running report handlers
ec2\-174\-129\-127\-206.compute\-1.amazonaws.com [Fri, 22 Oct 2010 14:18:39 +0000] INFO: Report handlers complete
ec2\-67\-202\-63\-102.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:39 +0000] INFO: Chef Run complete in 1.578265 seconds
ec2\-67\-202\-63\-102.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:39 +0000] INFO: cleaning the checksum cache
ec2\-67\-202\-63\-102.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:39 +0000] INFO: Running report handlers
ec2\-67\-202\-63\-102.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:39 +0000] INFO: Report handlers complete
ec2\-184\-73\-9\-250.compute\-1.amazonaws.com    [Fri, 22 Oct 2010 14:18:40 +0000] INFO: Chef Run complete in 1.638884 seconds
ec2\-184\-73\-9\-250.compute\-1.amazonaws.com    [Fri, 22 Oct 2010 14:18:40 +0000] INFO: cleaning the checksum cache
ec2\-184\-73\-9\-250.compute\-1.amazonaws.com    [Fri, 22 Oct 2010 14:18:40 +0000] INFO: Running report handlers
ec2\-184\-73\-9\-250.compute\-1.amazonaws.com    [Fri, 22 Oct 2010 14:18:40 +0000] INFO: Report handlers complete
ec2\-75\-101\-240\-230.compute\-1.amazonaws.com  [Fri, 22 Oct 2010 14:18:40 +0000] INFO: Chef Run complete in 1.540257 seconds
ec2\-75\-101\-240\-230.compute\-1.amazonaws.com  [Fri, 22 Oct 2010 14:18:40 +0000] INFO: cleaning the checksum cache
ec2\-75\-101\-240\-230.compute\-1.amazonaws.com  [Fri, 22 Oct 2010 14:18:40 +0000] INFO: Running report handlers
ec2\-75\-101\-240\-230.compute\-1.amazonaws.com  [Fri, 22 Oct 2010 14:18:40 +0000] INFO: Report handlers complete
ec2\-184\-73\-60\-141.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:40 +0000] INFO: Chef Run complete in 1.502489 seconds
ec2\-184\-73\-60\-141.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:40 +0000] INFO: cleaning the checksum cache
ec2\-184\-73\-60\-141.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:40 +0000] INFO: Running report handlers
ec2\-184\-73\-60\-141.compute\-1.amazonaws.com   [Fri, 22 Oct 2010 14:18:40 +0000] INFO: Report handlers complete
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
To query for all nodes that have the \fBwebserver\fP role and then use SSH to run the command \fBsudo chef\-client\fP, enter:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
$ knife ssh "role:webserver" "sudo chef\-client"
.ft P
.fi
.UNINDENT
.UNINDENT
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
$ knife ssh name:* "sudo aptitude upgrade \-y"
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
To specify the shell type used on the nodes returned by a search query:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
$ knife ssh roles:opscode\-omnitruck macterm
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
where \fBscreen\fP is one of the following values: \fBcssh\fP, \fBinteractive\fP, \fBmacterm\fP, \fBscreen\fP, or \fBtmux\fP\&. If the node does not have the shell type installed, knife will return an error similar to the following:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
you need the rb\-appscript gem to use knife ssh macterm.
\(ga(sudo) gem    install rb\-appscript\(ga to install
ERROR: LoadError: cannot load such file \-\- appscript
.ft P
.fi
.UNINDENT
.UNINDENT
.SH AUTHOR
Chef
.\" Generated by docutils manpage writer.
.
